PPTX - ME Kabay
Psychology of Computer Criminals & Insider Crime
CSH5 Chapter 12: “The Psychology of Computer Criminals.” Q. Campbell & D. M. Kennedy
CSH5 Chapter 13: “The Dangerous Information Technology Insider: Psychological Characteristics and Career Patterns.” J. M. Post
Copyright © 2011 M. E. Kabay. All rights reserved.
Topics
Hacker Psychology
Moral Development
Why Study Perpetrators?
Social Engineering
Self-Reported Motivations
Psychological Perspectives on Computer Crime
Social Distance, Anonymity, and Aggression
Individual Differences and Computer Criminals
Classifications of Computer Criminals
The Dangerous Insider
Stress and Attacks on Computer Systems
Typology of Computer Criminals
Conclusions & Implications
CSH5:
Chapter 12: Campbell, Q. & D. M. Kennedy (2009). “The Psychology of Computer Criminals.”
Chapter 13: Post, J. M. (2009). “The Dangerous Information Technology Insider: Psychological Characteristics and Career Patterns.”
Why Study Perpetrators?
Detection
Knowing how criminals function (modus operandi, “m.o.”) helps teach us how to spot attacks
E.g., recognize social engineering
Response
Know what to avoid
E.g., baiting / insulting hackers
Investigation
Focus on likely patterns
E.g., look for boasting in hacker groups
Why Study Perps (cont’d)
Prevention
Identify and reduce childhood factors likely to twist children into hackers
Spot pre-criminal attitudes and behaviors leading to involvement in hacker groups and provide counseling
Challenge hacker propaganda
Provide attractive alternatives to hacking
Social Engineering
Detection
Knowing how criminals function (m.o.) helps teach us how to spot attacks
E.g., recognize social engineering by providing role-playing games
Response
Know what to avoid
Investigation
Focus on likely patterns
E.g., look for boasting in hacker groups
Self-Reported Motivations
Paul Taylor’s research:
Addiction
Curiosity
Boredom
Power
Recognition
Politics
Orly Turgeman-Goldschmidt’s findings:
Curiosity
Thrill seeking
Need for power
Ideological opposition to information restrictions
Psychological Perspectives on Computer Crime
Self-reported motivations may be incomplete or inaccurate
Behavior often controlled by unconscious factors
So beware facile explanations and generalizations about criminal hacking
Social Distance, Anonymity, and Aggression
Many criminal hacking activities are aggressive
Likelihood increases when perpetrators can remain anonymous and
When likelihood of retaliation low
Milgram’s landmark work on depersonalized obedience showed how powerful deindividuation could be in fostering unethical, immoral or illegal behavior
Bandura showed that criminals justify their acts by minimizing their significance and blaming their victims
Thus some hackers blame people they hack
Individual Differences and Computer Criminals
DSM IV suggests possibility that some computer criminals have personality disorders (PD)
Antisocial PD
Insincerity, dishonesty
Superficial charm, enhanced intellect
Require little or no reward
Ignore threats of punishment
Self-justification, blaming victims
NOT A UNIVERSAL DIAGNOSIS – JUST THAT SOME OF THE CRIMINALS MAY FIT PROFILE
More About Personality Disorders
Narcissistic PD
Attention seekers
Inflated sense of entitlement
Lack of empathy for victims
Rationalization to justify behavior
AGAIN: NOT A UNIVERSAL DIAGNOSIS – JUST THAT SOME OF THE CRIMINALS MAY FIT PROFILE
Asperger's Syndrome
Mild form of autism
Reduced social relations and skills
Low affect
Reduced interest in interaction, awkward interactions
Prone to repetitive, intense interests & behaviors
Obsessive or extremely focused area of intellectual interest
NO EMPIRICAL EVIDENCE LINKING CRIMINAL HACKING TO ASPERGER SYNDROME
Most Asperger victims extremely honest
Asperger may be higher in computer enthusiasts than in general population
Computer Addiction and Computer Crime
Some computer criminals may have behaviors akin to addiction
Concentration on computer use
Mood dependence on usage / hacking
Increased dependence over time
Withdrawal effects upon deprivation
Conflict over habits
Relapse when attempting to stop
Some computer criminals report intense feelings (“rush”) when engaging in criminal hacking – and depression when stopped
Ethics and Computer Crime
Some researchers suggest computer criminals have underdeveloped moral maturity
“Information Wants to be Free”
Deviant attitudes toward unauthorized use of computing / network resources
Justifications of intellectual-property theft highly deviant if applied to physical property
Blaming victim commonplace
Frequently unaware of consequences of actions
May see actions as entertainment in a playground: deny existence of real victims or real effects
Moral Development
Kohlberg’s Stages of Moral Reasoning
Level | Stage of moral reasoning | Moral behavior perceived as that which …
Preconventional | Level 1 | Avoids punishment
Preconventional | Level 2 | Gains reward
Conventional | Level 3 | Gains approval and avoids disapproval of others
Conventional | Level 4 | Is defined by rigid codes of “law and order”
Postconventional | Level 5 | Is defined by a social contract generally agreed upon for the public good
Postconventional | Level 6 | Is based on abstract ethical principles that determine one’s own moral code
Moral Reasoning By Age (Kohlberg, 1963)
[Chart: percentage of answers (0 to 100) at stages 1&2, 3&4 and 5&6, plotted against age (7, 10, 13, 16)]
Classifications of Computer Criminals
Many different frameworks used over years
Novices / Students / Tourists / Crashers / Thieves
Lamers / Neophytes / Elite
Pranksters / Hacksters / Malicious Hackers / Personal Problem Solvers / Career Criminals / Extreme Advocates / Malcontents, Addicts & Irrational Individuals
Rogers’ New Taxonomy
Newbie / Cyber-punk / Internals / Coders / Old Guard / Professional Criminals
Class Apart: Virus Creators
The Dangerous Insider
Predominantly introverts
More interested in ideas than in social relationships
Internalize stress
Express themselves online
Research by Dr Jerrold Post on computer technology insiders
Reviewed > 100 cases of computer crime
Interviewed many security professionals
Results follow on next slides
Characteristics of Dangerous Computer IT Insiders
Social & Personal Frustrations
Computer Dependency
Ethical Flexibility
Reduced Loyalty
Entitlement
Lack of Empathy
Social & Personal Frustrations
History of frustrations in relationships
Personal
With coworkers
Prefer predictability & structure of work
Like computers
Propensity for anger toward authorities
Some display revenge syndrome
Getting even for perceived injury
May have chosen computer work with explicit or implicit intention of striking back at unfair society
Computer Dependency
Unusual emphasis on computer-mediated activity
May replace face-to-face interactions by virtual-world contacts
May use online persona as mechanism for
Influence
Manipulation
Recruitment
May become so involved in computer work as to be classified as addicted
Ethical Flexibility
Small proportion (<10%) approve of illegal acts
Criminal hacking
Sabotage
Espionage
Believe that
Inadequate security fully justifies penetration, unauthorized exploitation
Computers = toys
Data not real
Consequences not serious
Reduced Loyalty
Little sense of long-term involvement
High turnover in field
Sense of being peons rather than collaborators
Ties into sense of entitlement (see next slide)
Loyalty more towards peers
IT professionals
Non-criminal hackers
Criminal hackers
Entitlement
Feeling of being special
Entitled to corresponding
Recognition
Privileges
Exceptions
Fragile egos
Easily offended
Prone to anger
Enraged by failure to recognize them as special
Seek revenge for slights
Lack of Empathy
Little or no regard for effects of their actions on others
Incapable of recognizing consequences of their actions
Overall, the entire set of observations fit two related personality disorders:
Avoidant/schizoid
Antisocial/narcissistic/paranoid
Stress and Attacks on Computer Systems
Course of insider computer crime shows gradual increase in severity of incidents
Starts with minor infraction
Often overlooked
Fear of upsetting valuable employee
But intervention could prevent slide into further infractions
Moderate infraction is next
Again, often not dealt with by management
Should take appropriate action
Suspension or termination of employment
Typology of Computer Criminals
See CSH5 §13.6 for full detail; only a few types discussed here.
Machiavellians
Hack to advance careers
Frame rivals or superiors to rise in status
E.g., consultants who plant time bombs; one case where specialist caused problems in systems around world to get free travel to exotic locations
Proprietors
Feel that they own the systems they work on
Sequester information to maintain power
[Image: Niccolò Machiavelli (1469-1527). Image from Wikipedia]
Conclusions & Implications
Use effective hiring practices
See CSH5 Chapter 45 on “Employment Practices and Policies”
Background checks
Effective monitoring & detection systems
Provide online support services as part of Employee Assistance Program
Formal termination procedures
Include human factors in IT security audits
DISCUSSION